<?php

/**
 * UserIdentity represents the data needed to identity a user.
 * It contains the authentication method that checks if the provided
 * data can identity the user.
 */
class UserIdentity extends CUserIdentity {

	private $_id;

	/**
	 * Authenticates a user.
	 * The example implementation makes sure if the username and password
	 * are both 'demo'.
	 * In practical applications, this should be changed to authenticate
	 * against some persistent user identity storage (e.g. database).
	 * @return boolean whether authentication succeeds.
	 */
	public function authenticate() {
		$username = strtolower($this->username);
		$user = User::model()->find('LOWER(email)=?', array($username));
		if ($user === null) {
			$this->errorCode = self::ERROR_USERNAME_INVALID;
		} else if (Membership::model()
						->find("Benutzernummer_Web=? AND Klasse_Verband NOT LIKE 'Symp%' AND Verband LIKE 'JUSO Schweiz' 
					AND (Austritt = '0000-00-00' OR Austritt >= '" . date('Y-m-d') . "')", array($user->Benutzernummer)) === null) {
			$this->errorCode = self::ERROR_USERNAME_INVALID;
//			}
		} else if (!$user->validatePassword($this->password)) {
			$this->errorCode = self::ERROR_PASSWORD_INVALID;
//			$user->loginFailedCount += 1;
//			$user->update();
		} else {
			$this->_id = $user->id;
			$membership = Membership::model()
					->find("Benutzernummer_Web=? AND Klasse_Verband NOT LIKE 'Symp%'  AND Verband LIKE 'JUSO Schweiz' 
					AND (Austritt = '0000-00-00' OR Austritt >= '" . date('Y-m-d') . "')", array($user->Benutzernummer));
			$this->setState('roles', $user->role);
			$this->setState('sektion', $membership->Mitgliedschaft_bei_Kundennr);
			$this->setState('kanton', $membership->Region);
//			$user->lastLogin = date('Y-m-d H:i:s');
//			$user->loginFailedCount = 0;
//			$user->update();

			$this->username = $user->email;
			$this->errorCode = self::ERROR_NONE;
		}
		return $this->errorCode == self::ERROR_NONE;
	}

	public function getId() {
		return $this->_id;
	}

}